- MimbleWimble
- Proposed anonymously in IRC by Tom Elvis Jedusor
- Private by default
- Massively prunable
- Relies solely on elliptic curve cryptography
- No scripting
- MW transactions consist of:
- Designed Elastico, first peer-reviewed sharding protocol for public blockchain
- Inspired Zilliqa
- Created Oyente, first open-source smart contract verifier
- Used by Melonport, Quantstamp, Augur
- Co-founder at Kyber Network
- On-chain liquidity protocol for token swaps
- Have issues with scalability:
- Every miner needs to emulate every execution step for the VM
- Thus, charges gas for those who want to advance state of VMs
- To compensate miners
- The complexity of contracts is capped by the global gas limit
- All contract code and data can only be public
- Smart contracts can't connect with external data, so off-chain resources are not easily usable.
- 80%+ of smart contract use cases need external resources.
- Can connect smart contracts to critical external data
- Can also connect to widely accepted bank payments
- There's been a lot of discussion and fear about China's involvement with Bitcoin. We wanted to provide more rigor to the discussion.
- Note: will refer to "China" often—primarily referring to a small number of policymaking groups in China who have the power to affect Bitcoin policy.
- China challenges Bitcoin's fundamental security
- Assumption: no party can amass too much power over the consensus process.
- Blockchain is becoming a big deal.
- Every finance company is developing a "blockchain strategy."
- $5B invested in startups, $10B invested in ICOs.
- Big gap between what's been sold to users, and what current technology is capable of.
- Doesn't scale to being a payment system.
- What about a store of value?
- Alice's device, containing her private key, is a single point of failure
- Instead of having a single device store your key material...
- You can split it into multiple devices
- Designed your address as protected by multiple keys
- Proofs of computational integrity
- Game between prover and verifier
- Prover knows an input to a
F(x)
that would make it returny
- Prover could trivially prove this by providing
x
- This convinces the verifier for sure!
- Being able to convince the verifier of a true claim is the property of completeness